Ravenous Unauthorized Access Vulnerability
BID:17013
Info
Ravenous Unauthorized Access Vulnerability
| Bugtraq ID: | 17013 |
| Class: | Access Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 07 2006 12:00AM |
| Updated: | Mar 09 2006 11:25PM |
| Credit: | This issue was disclosed by the vendor. |
| Vulnerable: |
Ravenous Ravenous 0.7 |
| Not Vulnerable: |
Ravenous Ravenous 0.7.1 |
Discussion
Ravenous Unauthorized Access Vulnerability
Ravenous is prone to an unauthorized-access vulnerability. This issue is due to a failure in the application to properly secure sensitive information.
A successful exploit will result in the disclosure of sensitive information; this may aid in further attacks.
Ravenous is prone to an unauthorized-access vulnerability. This issue is due to a failure in the application to properly secure sensitive information.
A successful exploit will result in the disclosure of sensitive information; this may aid in further attacks.
Exploit / POC
Ravenous Unauthorized Access Vulnerability
This issue can be exploited through use of a web client.
This issue can be exploited through use of a web client.
Solution / Fix
Ravenous Unauthorized Access Vulnerability
Solution:
The vendor has released an update to address this issue.
Ravenous Ravenous 0.7
Solution:
The vendor has released an update to address this issue.
Ravenous Ravenous 0.7
-
Ravenous ravenous-0.7.1.tgz
http://prdownloads.sourceforge.net/ravenous/ravenous-0.7.1.tgz
References
Ravenous Unauthorized Access Vulnerability
References:
References:
- Ravenous 0.7.1: changelog (Ravenous)
- Ravenous Homepage (Ravenous)